• admin
• Fiber
• Hunting
• abril 13, 2026
• 0 Comentarios

Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Ravie LakshmananApr 13, 2026Cybersecurity / Hacking Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in…

Continue reading

• admin
• Doesnt
• Gap
• abril 13, 2026
• 0 Comentarios

Your MTTD Looks Great. Your Post-Alert Gap Doesn’t

Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are…

Continue reading

• admin
• APT37
• Deliver
• abril 13, 2026
• 0 Comentarios

North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

Ravie LakshmananApr 13, 2026Social Engineering / Threat Intelligence The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat…

Continue reading

• admin
• App
• Axios
• abril 13, 2026
• 0 Comentarios

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. «Out…

Continue reading

• admin
• Acrobat
• Actively
• abril 12, 2026
• 0 Comentarios

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability,…

Continue reading

• admin
• Breach
• CPUID
• abril 12, 2026
• 0 Comentarios

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Ravie LakshmananApr 12, 2026Malware / Threat Intelligence Unknown threat actors compromised CPUID («cpuid[.]com»), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than…

Continue reading

• admin
• Data
• Devices
• abril 11, 2026
• 0 Comentarios

Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc.…

Continue reading

• admin
• Campaign
• Developer
• abril 10, 2026
• 0 Comentarios

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

Ravie LakshmananApr 10, 2026Malware / Blockchain Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated…

Continue reading

• admin
• CVE202639987
• Disclosure
• abril 10, 2026
• 0 Comentarios

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure,…

Continue reading

• admin
• Browser
• Channel
• abril 10, 2026
• 0 Comentarios

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there’s a wide-open window nobody’s guarding: AI browser extensions.  A new report from LayerX exposes just how deep this…

Continue reading